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REMARKS 

Applicant has carefully reviewed the Office Action mailed February 8, 2006 and offers 
the following remarks to accompany the above amendments. 
Claims 1-11 remain pending. 

Applicant acknowledges allowance of claims 1-6, 8, and 9. 
Applicant has amended claim 9 to correct antecedent basis. 

Objections tn Claims A *„A 1 1 

Applicant has amended claims 4 and 11 to alleviate the objections noted by the Patent 
Office. This objection is now moot. 



Rejection of Claim 7 UnHg r 35 U.S.C. $ 1 07(e) 
Claim 7 was rejected under 35 U.S.C. § 102(e) as being anticipated by U.S. Patent No. 
6,636,516 Bl to Yamano (hereinafter "Yamano"). Applicant respectfully traverses. For the 
Patent Office to prove anticipation, the Patent Office must show where each and every element 
of the claim is taught in the reference. Further, the elements of the reference must be arranged as 
claimed. MPEP § 2131 . Anticipation is a strict standard, and the Patent Office has not satisfied 
its burden in the present application. 

Before addressing the substance of the rejection, Applicant provides a brief overview of 
the present invention. The present invention is a tunneling scheme that goes beyond 
conventional tunneling between two endpoints. The present invention involves a tunnel for 
private communications that is stretched over two sub-endpoints each having an address in order 
to provide separation between the end user address space and the carrier address space when 
performing VPN communications. (Specification, p. 4, II. 1-2). By dividing the endpoint of a 
given tunnel into two sub-endpoints, the tunneling scheme is able to reduce the likelihood of a 
security threat that can occur in the case of a mis-provisioning of a traditional VPN. 
(Specification, p. 1 1, 11. 3-6). This is opposed to traditional tunneling schemes that encapsulate a 
packet with the identity of the endpoints of the tunnel thereby providing the destination address 
of an endpoint of the tunnel that may not be desired to be seen by the outside world. 
(Specification, p. 3, 11. 6-9). 
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An example of the present invention is provided with respect to a private source endpoint 
on a first private data network that desires to communicate a message to a private destination 
endpoint on a second private data network to accomplish VPN communications. References are 
made to Figure 10 to assist in the understanding of the example. First, the private source 
endpoint communicates the desired message and the private destination address over its private 
network (LAN A - 108 A) to an intermediary local carrier router (216M) acting as a first sub- 
endpoint The local carrier router (216M) contains a backbone router (BR - 204M) that has a 
public address and anumber of virtual routers (CVR - 206A) for connecting to LANs (108A). 
The local carrier router (216M) reads the private destination address and determines a private 
address of aprivate remote sub-endpoint (CVR-206X) of a communication tunnel. The private 
remove sub-endpoint (CVR - 206X) is associated with the private destination address on a 
remote private network (LAN X - 108X). 

Traditional tunneling would StfiP at this point and encapsulate the message with the 
source as the local carrier router (2 1 6M) public address and the destination as the private 
designation address (CVR - 206X) thereby exposing the private destination address to the 
outside world. Instead, for the present invention, the local carrier router (216M) (ietrnnines a 
public address of apublic remote sub-endpoint (216N) of the tunnel that provides the second 
sub-endpoint in the tunnel. The local carrier router (2 1 6M) then encapsulates the message with a 
source address as a public local sub-endpoint (204M) of the tunnel and a destination address as 
the public remote sub-endpoint (21 <SN) of the tunnel. The private destination address is provided 
in the inner encapsulated part of the message rather than being exposed in the outer source or 
destination addresses like in traditional tunneling. 

Thus in summary, the present invention provides two sub-endpoints for providing the 
tunneling communication scheme where both the source and destination of the encapsulated 
message are not the private addresses of the private endpoints. Traditional tunneling does not 
provide two sub-endpoints. Thus, the destination address of the encapsulated message is a 
private address. Because VPN communications are two-way, traditional tunneling exposes the 
private destination addresses of both endpoints. The present invention does not. 

With respect to claim 7, two sub-endpoints are claimed for the communication tunnel. 
The first sub-endpoint is provided in a backbone router than has a network address in a public 
data network. The second sub-endpoint is provided in a virtual router that has a network address 



6 



PAGE m* RCVDAT 5/412006 10:09:55 AM [Eastern Daylight Time) ' SVR:USPTO-EFXRF-1/20 * DNIS:2738300 ■ CSID:919 6544521 « DURATION (mm-ss):02-54 



05/04/06 09:12 FAX 919 654 4521 



WITHROW & TERRANOVA 



-+ USPTO NB 



@008 



in a private data network. Yamano does disclose using a tunneling unit (305, see also Fig. 3) that 
provides tunneling of communications from a private network interface (301 ) to a public 
network interface (309). However, Yamano merely discloses the traditional tunneling described 
above that does not employ two sub-endpoints as claimed in the present invention. This is 
further evidenced by Yamano's use of the address translation table (306, see also Fig. 7) that 
provides only one intermediary address (Internet IP address) for a destination address. Thus, 
Yamano does not anticipate, teach, or suggest the claimed invention, including claim 7 3 and this 
rejection must be withdrawn. 



Rejection of Claims 10 and 1 1 Under 35 U.S.C. 8 1 02(g) 
Claims 10 and 11 were rejected under 35 U.S.C. § 102(e) as being anticipated by U.S. 
Patent Application Publication No. 2002/0038419 Al to Gaixett et al. (hereinafter "GarretT). 
Applicant respectfully traverses. The standards for anticipation are set forth above. 

Claims 10 and 1 1 require two sub-endpoints to provide the modified communication 
tunneling as previously described. Just like Yamano, Garrett only discloses traditional 
communication tunneling that does not employ two sub-endpoints. This is evidenced by 
Gairett's disclosure in paragraphs 0016, 001 7, and 0019. In paragraph 0016, Garrett states that 
traditional IP encapsulation is used for communication tunneling. In particular, see paragraph 
0016, lines 12-14, where Garrett states that the outer source IP address and destination IP address 
for the encapsulated message identify the endpoints of the tunnel Paragraph 0017 states that the 
packet is encapsulated using the "encapsulation techniques described above" (i.e., meaning in 
paragraph 0016). Paragraph 0019 noted by the Patent Office actually states that tunneling need 
not be used. 

It is clear that Gaixett does not anticipate, teach, or suggest the claim limitations of claims 
10 and 1 L Thus, this rejection must be withdrawn. 

The present application is now in condition for allowance and such action is respectfully 
requested. The Examiner is encouraged to contact Applicant's representative regarding any 
remaining issues in an effort to expedite allowance and issuance of the present application. 
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Date: Mav4. 2006 
Attorney Docket: 7000-497 



By: 



Respectfully submitted, 

WITHROW & TERRANOVA, P.L.L.C 




Steven N, Terranova 
Registration No. 43,185 
RO, Box 1287 
Caiy,NC27512 
Telephone: (919) 654-4520 
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